Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Security advisory: The risk of returning workers opening the door to dormant attackers

During the COVID-19 pandemic, more employees have been working from home than ever before. This situation has significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside of the office – something criminals are taking advantage of by targeting unsecured endpoints with increasing regularity.

Between Two Alerts: Phishing Emails - Less Ocean, More Aquarium

When we discuss Splunk Phantom with customers here at Splunk, we end up talking about phishing pretty frequently. As discussed in a recent blog post, "Phishing Emails — Don’t Get Reeled In!," phishing is a super common issue that almost everyone deals with ad nauseum. It’s also a nuisance to investigate. The good news is that automation excels at dealing with repetitive, mind-numbing workflows like phishing investigations.

DevSecOps vs. SecDevOps: A Rose by Any Other Name?

The terms DevSecOps and SecDevOps are often -- but not always -- used interchangeably. So is there any real difference between the two terms or is it all just semantics? Let’s look at how the role of security has changed as the software development life cycle (SDLC) has evolved to explore whether there’s really any difference between these two words.

Security For Work From Home Tools

Are you concerned about the security and compliance risks that come along with your organization’s work-from-home solutions? As more and more professionals connect to your organization’s networks via VPN and conduct their work with tools like Zoom, Teams and WebEx, it’s critical that your cybersecurity processes expand to include these changes. Make sure you and your teams are up to speed with best practices for work-from-home tools and common mistakes you’ll want to avoid.

COVID-19: Importance of Ethical Leadership During a Crisis

Change is hard—and during the COVID-19 pandemic, it’s happening at breakneck speed. Your employees and business partners need to know now, more than ever before, that they can trust you to be honest and transparent with them. This is the essence of ethical leadership. We’re standing on shaky ground as the virus sweeps through our nation and upends our economy. People are losing their jobs, their health insurance, and perhaps even their savings.

CI/CD In Confidence: How Pipelines Keeps Your Secrets

A friend that can’t keep a secret isn’t one you’ll rely on. The same is true for your mission critical CI/CD tool that you have to entrust with credentials for each integrated component. Keeping your secrets safe can be a challenge for CI/CD tools, since they need to connect to such a variety of other services. Each one needs its own password or token that must be kept hidden from prying eyes.

Bad Plugin: It's What's On The Inside That Counts.

Recently we came across an interesting case that demonstrates just how important it is to monitor the behaviour of your network as even simple software components can be deceptive in nature. Our analysts were alerted to suspicious network activity originating from Microsoft Edge running on a Windows 10 machine. The browser in this instance was making a large number of web requests even though the machine was locked and not in use. There was one notable long running connection.